package com.huahang.fashionpress.aspect;

import com.huahang.fashionpress.config.ParamConfig;
import com.huahang.fashionpress.enums.ExceptionEnum;
import com.huahang.fashionpress.exception.AdminExecuteException;
import com.huahang.fashionpress.exception.RoleException;
import com.huahang.fashionpress.model.Admin;
import com.huahang.fashionpress.model.Role;
import com.huahang.fashionpress.service.RoleService;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.boot.autoconfigure.kafka.KafkaProperties;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.validation.constraints.Max;
import java.util.List;

/**
 * @Author: 阿俊哥
 * @Date: 2019/8/25 18:53
 * @Version 1.0
 */
@Aspect
@Component
@Slf4j
public class LoginAspect {

    @Resource
    RoleService roleService;

    @Resource
    ParamConfig paramConfig;

    @Pointcut("execution( public * com.huahang.fashionpress.controller.Admin*.*(..))"+
    "&& !execution(public * com.huahang.fashionpress.controller.AdminLoginController.*(..))")
    public void verify(){}

    @Before("verify()")
    public void doverify(){
        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
        HttpSession session = request.getSession();
        if(session.getAttribute("administrator")==null){
            log.info("【用户管理】用户没有登录");
            throw new AdminExecuteException(ExceptionEnum.ADMIN_NOT_LOGIN);
        }
        //如果已经登录了，就判断权限是否有
        //1.查询权限表，获取权限list
        Admin admin = (Admin) session.getAttribute("administrator");
        List<Role> roleList = roleService.selectRoleList(admin.getNickId());
        //根据权限列表查看是否包含这个url,，如果是管理员就直接放行
        //直接进来不显示不就行了
        boolean flag = false;
        for (Role role :
                roleList) {
           if(role.getRoleName().equals("order")) {
               session.setAttribute("order", 1);
           }
            if(role.getRoleName().equals("category")) {
                session.setAttribute("category", 1);
            }
            if(role.getRoleName().equals("img")) {
                session.setAttribute("img", 1);
            }
            if(role.getRoleName().equals("product")) {
                session.setAttribute("product", 1);
            }
            if(role.getRoleName().equals("nick")) {
                session.setAttribute("nick", 1);
            }
            if(role.getRoleName().equals("admin")) {
                session.setAttribute("admin", 1);
            }
            if(role.getRoleName().equals("allroles")) {
                session.setAttribute("order", 1);
                session.setAttribute("category", 1);
                session.setAttribute("img", 1);
                session.setAttribute("product", 1);
                session.setAttribute("nick", 1);
                session.setAttribute("admin", 1);
                flag = true;
            }
            //超级管理员判断
            if(request.getRequestURL().toString().contains(role.getRoleName())){
                flag=true;
            }

        }
        //进入主页是可以的
        if(request.getRequestURL().toString().equals(paramConfig.getObjectName())){
            flag = true;
        }
        if(flag==false){
            log.info("【权限管理】此人没有权限 管理员是："+admin.getAdminUsername());
            throw new RoleException(ExceptionEnum.NOT_EXIT_ROLE);
        }



    }
}
